A Risk assessment have to be applied to identify vulnerabilities and threats, use policies for critical systems have to be made and all staff security responsibilities needs to be outlined Candidates have up to one (one) yr from the date with the PCI certification evaluation to provide PCI with evidence https://economyinsights.net/press-release/2024-09-02/10749/nathan-labs-expands-cyber-security-services-in-saudi-arabia